10.132.101.151

Subscribe to our mailing list

What Topic Matters Most To You?
View Privacy Policy

In Wake Of Massive Hacks, New York Tightens Regulations On Health Insurers

The new regulations come after major breaches in recent years by major insurers operating in New York.

After a wave of large, high-profile cyber attacks against health insurers that exposed customers’ private medical information regulators have stepped in.

This month, a new set of cyber security regulations from New York regulators targeting the state’s insurance companies went into effect. The new set of rules is the most comprehensive in the country and requires insurers to critically examine their security practices to meet the new demands. Bloomberg BNA reports:

“And now New York has gotten into the act with a completely different set of rules that are the most comprehensive of any U.S. state. Earlier this month, New York’s top banking and insurance regulator threw down the proverbial gauntlet—or, perhaps more of a sledgehammer— with its new cybersecurity regulation which has broad implications for health-care insurers that operate in New York.”

The new regulations come after major breaches in recent years by major insurers operating in New York.

In 2016, New York had at least 15 healthcare data breaches. The same year, the state was ranked second for the highest number of medical records exposed, 3,588,554 in total. In September of 2015, a hack of New York insurer Excellus BlueCross BlueShield exposed the personal information of more than 10 million people.

Nationally, health insurers have been equally incapable of keeping their customers private records safe. In February of 2015, Anthem suffered a major breach, which affected a database of 80 million customer records.